Inadvertent insiders – employees who unwittingly caused security incidents through negligent actions – were responsible for more than two-thirds of compromised data in 2017.

This is according to IBM’s X-Force Threat Intelligence Index 2018, which reveals that misconfigured cloud servers and networked backup incidents unintentionally exposed more than 2-billion records, making confidential data ripe for picking.

The IBM X-Force team examined numerous cyberthreats that shaped the threat landscape in 2017 and will continue to have an impact in 2018.

To uncover key trends in the 2017 cybersecurity threat landscape, such as the threat from inadvertent insiders, research teams combed through and analysed hundreds of millions of data points.

Key findings from the IBM X-Force Threat Intelligence Index 2018 include:

* Diminishing Shellshock attacks lead to a decline in network attacks and security incidents. Top targeted industries experienced a decline in attacks and security incidents – down 18% and 22%, respectively – in 2017 over the previous year. This decline is largely attributed to a reduction in Shellshock attacks, which is a result of the diminishing available attack surface due to patching. There were 71% fewer Shellshock attacks in 2017 than 2016.

* Gozi undergoes the most notable financial malware shift. The most active financial malware in 2017, Gozi (Ursnif), toppled Zeus from its number one position. Gozi activity made up nearly one-fourth of the activity X-Force tracked, proving that organized crime is overtaking all other classes of threat actor in the financial malware-facilitated fraud scene.

* Destructive ransomworm attacks WannaCry, Not Petya and Bad Rabbit cost enterprises millions. Although many chief information security officers (CISOs) were already aware and concerned about crypto-ransomware, organisations faced a new breed of this threat in 2017. The X-Force report projects that this is likely to happen again in 2018.